Cisco Systems OL-16066-01 Understanding Method Lists, AAA Server Group Dialog Box, page F-12

• Understanding Method Lists, page 15-69

• AAA Server Group Dialog Box, page F-12

• Predefined AAA Authentication Server Groups, page 9-15

Field Reference

Table K-38

AAA Page—Authentication Tab

Element

Description

Enable Device Login

When selected, enables the authentication of all users when they log in to the

Authentication

device, using the methods defined in the method list.

When deselected, authentication is not performed.

Prioritized Method List

Defines a sequential list of methods to be queried when authenticating a user.

Enter the names of one or more AAA server group objects (up to four), or

click Select to display an Object Selectors, page F-593. Use the up and down

arrows in the object selector to define the order in which the selected server

groups should be used.

The device tries initially to authenticate users using the first method in the

list. If that method fails to respond, the device tries the next method, and so

on, until a response is received.

Supported methods include Line, Local, Kerberos, RADIUS, TACACS+,

and None.

Note If you select None as a method, it must appear as the last method in

the list.

Maximum Number of

The maximum number of unsuccessful authentication attempts before a user

Attempts

is locked out. This feature is disabled by default. Valid values range from 1

to 65535.

Note From the standpoint of the user, there is no distinction between a

normal authentication failure and an authentication failure due to

being locked out. The system administrator has to explicitly clear the

status of a locked-out user using clear commands.

User Guide for Cisco Security Manager 3.2

OL-16066-01

K-89